Skip to content

Commit

Permalink
fix: Correctly handle build files and context for docker_registry_ima…
Browse files Browse the repository at this point in the history
…ge (#398)

* tests: Add file_permission test which is failing for now.

* tests: Add whitelist_dockerignore test which is failing for now.

* fix: Various issues with docker_registry_image build process.
  • Loading branch information
Junkern authored Jul 11, 2022
1 parent cf2cb85 commit 401ff5e
Show file tree
Hide file tree
Showing 8 changed files with 82 additions and 11 deletions.
17 changes: 6 additions & 11 deletions internal/provider/resource_docker_registry_image_funcs.go
Original file line number Diff line number Diff line change
Expand Up @@ -248,20 +248,15 @@ func buildDockerRegistryImage(ctx context.Context, client *client.Client, buildO
buildContext = buildContext[:lastIndex]
}

dockerContextTarPath, err := buildDockerImageContextTar(buildContext)
if err != nil {
return fmt.Errorf("unable to build context: %v", err)
}
defer os.Remove(dockerContextTarPath)
dockerBuildContext, err := os.Open(dockerContextTarPath)
excludes, err := build.ReadDockerignore(buildContext)
if err != nil {
return err
return fmt.Errorf("unable to read dockerignore: %v", err)
}
defer dockerBuildContext.Close()

buildResponse, err := client.ImageBuild(ctx, dockerBuildContext, imageBuildOptions)
excludes = build.TrimBuildFilesFromExcludes(excludes, imageBuildOptions.Dockerfile, false)
log.Printf("[DEBUG] Excludes: %v", excludes)
buildResponse, err := client.ImageBuild(ctx, getBuildContext(buildContext, excludes), imageBuildOptions)
if err != nil {
return err
return fmt.Errorf("unable to build image for docker_registry_image: %v", err)
}
defer buildResponse.Body.Close()

Expand Down
41 changes: 41 additions & 0 deletions internal/provider/resource_docker_registry_image_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -208,6 +208,47 @@ func TestAccDockerRegistryImageResource_buildWithDockerignore(t *testing.T) {
})
}

// Tests for issue https://github.com/kreuzwerker/terraform-provider-docker/issues/293
// First we check if we can build the docker_registry_image resource at all
// TODO in a second step we want to check whether the file has the correct permissions
func TestAccDockerRegistryImageResource_correctFilePermissions(t *testing.T) {
pushOptions := createPushImageOptions("127.0.0.1:15000/tftest-dockerregistryimage-filepermissions:1.0")
wd, _ := os.Getwd()
context := strings.ReplaceAll((filepath.Join(wd, "..", "..", "scripts", "testing", "docker_registry_image_file_permissions")), "\\", "\\\\")
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
ProviderFactories: providerFactories,
Steps: []resource.TestStep{
{
Config: fmt.Sprintf(loadTestConfiguration(t, RESOURCE, "docker_registry_image", "testDockerRegistryImageFilePermissions"), pushOptions.Registry, pushOptions.Name, context, "Dockerfile"),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttrSet("docker_registry_image.file_permissions", "sha256_digest"),
),
// TODO another check which starts the the newly built docker image and checks the file permissions to see if they are correct
},
},
})
}

// Test for https://github.com/kreuzwerker/terraform-provider-docker/issues/249
func TestAccDockerRegistryImageResource_whitelistDockerignore(t *testing.T) {
pushOptions := createPushImageOptions("127.0.0.1:15000/tftest-dockerregistryimage-whitelistdockerignore:1.0")
wd, _ := os.Getwd()
context := strings.ReplaceAll((filepath.Join(wd, "..", "..", "scripts", "testing", "docker_registry_image_file_whitelist_dockerignore")), "\\", "\\\\")
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
ProviderFactories: providerFactories,
Steps: []resource.TestStep{
{
Config: fmt.Sprintf(loadTestConfiguration(t, RESOURCE, "docker_registry_image", "testDockerRegistryImageFilePermissions"), pushOptions.Registry, pushOptions.Name, context, "Dockerfile"),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttrSet("docker_registry_image.file_permissions", "sha256_digest"),
),
},
},
})
}

func TestAccDockerRegistryImageResource_pushMissingImage(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Expand Down
11 changes: 11 additions & 0 deletions scripts/testing/docker_registry_image_file_permissions/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
FROM debian:9.13-slim

RUN groupadd -r testgroup && useradd -r testuser -G testgroup


COPY --chown=testuser:testgroup . /testroot

USER testuser

WORKDIR /testroot
RUN cat testfile
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
this file should totally exist
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
*

!empty
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
FROM scratch
COPY empty /empty
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
# This this an empty file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
provider "docker" {
alias = "private"
registry_auth {
address = "%s"
}
}

resource "docker_registry_image" "file_permissions" {
provider = "docker.private"
name = "%s"
insecure_skip_verify = true

build {
context = "%s"
dockerfile = "%s"
}
}

0 comments on commit 401ff5e

Please sign in to comment.